A company that provides bill collection services for Chicago-based CommonSpirit Health fell victim to a cyberattack.
Financial Business and Consumer Solutions Inc., aka FBCS, said it discovered unauthorized access to some of its network systems in February, according to a notice on CommonSpirit's website. The company started notifying 117,567 individuals affected by the breach in June, per a report to HHS.
The collection agency's investigation determined that the hacker had the ability to view or steal files in the system for 12 days. The breached data may have included names, addresses, dates of birth, Social Security and driver's license numbers, diagnoses, treatments, medications, and health insurance information.
Cyberattacks on third-party vendors have been an increasing problem for hospitals and health systems.